Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit f3ecc16507e1 · 2025-12-20T05:22:08.000Z
GHSA-56qj-wp5r-mvhj GHSA-fff3-4rp7-px97
diff --git a/advisories/github-reviewed/2025/08/GHSA-56qj-wp5r-mvhj/GHSA-56qj-wp5r-mvhj.json b/advisories/github-reviewed/2025/08/GHSA-56qj-wp5r-mvhj/GHSA-56qj-wp5r-mvhj.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-56qj-wp5r-mvhj",
-  "modified": "2025-08-20T20:46:52Z",
+  "modified": "2025-12-20T05:20:50Z",
   "published": "2025-08-20T15:31:41Z",
   "aliases": [
     "CVE-2025-43750"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V4",
-      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"
     }
   ],
   "affected": [
diff --git a/advisories/github-reviewed/2025/08/GHSA-fff3-4rp7-px97/GHSA-fff3-4rp7-px97.json b/advisories/github-reviewed/2025/08/GHSA-fff3-4rp7-px97/GHSA-fff3-4rp7-px97.json
@@ -1,9 +1,11 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-fff3-4rp7-px97",
-  "modified": "2025-08-25T15:54:52Z",
+  "modified": "2025-12-20T05:19:59Z",
   "published": "2025-08-25T15:54:51Z",
-  "aliases": [],
+  "aliases": [
+    "CVE-2025-68469"
+  ],
   "summary": "ImageMagick has a heap-buffer-overflow",
   "details": "### Summary\nWhile Processing a crafted TIFF file, imagemagick crashes.\n\n### Details\nFollowing is the imagemagick version:\n```\nimagemagick_git/build_26jun23/bin/magick --version\nVersion: ImageMagick 7.1.1-13 (Beta) Q16-HDRI x86_64 56f478940:20230625 https://imagemagick.org\nCopyright: (C) 1999 ImageMagick Studio LLC\nLicense: https://imagemagick.org/script/license.php\nFeatures: Cipher DPC HDRI \nDelegates (built-in): fontconfig freetype jbig jng jpeg lcms lzma pangocairo png tiff webp x xml zlib\nCompiler: gcc (4.2)\n```\n### PoC\nissue can be replicated with following command with provided POC file(sent over email):\n```bash\nmagick poc.tiff /dev/null\n```\n### Impact\nThis can lead to application crash.\n\n### Credits\nPlease give credits to Hardik shah of Vehere (Dawn Treaders team)",
   "severity": [
@@ -361,6 +363,10 @@
       "type": "WEB",
       "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fff3-4rp7-px97"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68469"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/ImageMagick/ImageMagick"
@@ -373,6 +379,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2025-08-25T15:54:51Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2025-12-18T16:15:57Z"
   }
 }

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-56qj-wp5r-mvhj",`
`4`		`- "modified": "2025-08-20T20:46:52Z",`
	`4`	`+ "modified": "2025-12-20T05:20:50Z",`
`5`	`5`	`"published": "2025-08-20T15:31:41Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-43750"`
`@@ -11,7 +11,7 @@`
`11`	`11`	`"severity": [`
`12`	`12`	`{`
`13`	`13`	`"type": "CVSS_V4",`
`14`		`- "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"`
	`14`	`+ "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N"`
`15`	`15`	`}`
`16`	`16`	`],`
`17`	`17`	`"affected": [`